Credential Guard Archives

Winsage

November 16, 2025

Windows 11 Pro upgrade plummets under $10

Prices for a Windows 11 Pro license have dropped below , making it affordable to upgrade older PCs into capable daily drivers. The upgrade offers a streamlined interface, enhanced multitasking with snap layouts, improved search functionality, and integrated Microsoft Teams. It also includes advanced security features like virtualization-based security, Smart App Control, and BitLocker device encryption. Windows Update packages are reported to be up to 40% smaller, allowing older hardware to operate more efficiently. To ensure compatibility, a machine must have a 64-bit CPU, at least 4GB of RAM, a minimum of 64GB storage, support for Secure Boot, and TPM 2.0. Microsoft's PC Health Check app can verify these requirements. A smooth setup requires a discounted Windows 11 Pro license, an 8–16GB USB drive for installation, and access to free online installation media and drivers. The clean installation process involves backing up files, creating a bootable USB installer, installing Windows 11 Pro, and running Windows Update for patches. Users can optimize their setup by enabling Storage Sense, Core Isolation, and uninstalling unnecessary applications. StatCounter reports that Windows 11 powers about one-third of the world’s PCs, improving performance for browsers and office applications. A clean install can significantly reduce boot times and enhance overall system responsiveness. Security features like Secure Boot and Credential Guard help reduce vulnerabilities. When purchasing a Windows license, it's important to buy from reputable sellers to ensure the key is legitimate. Students and employees may have access to free or low-cost licenses through educational or corporate programs. For machines that cannot run Windows 11, modern Linux distributions like Mint and Ubuntu offer practical, cost-free alternatives with user-friendly installers and built-in drivers.

Winsage

November 12, 2025

Windows 11 KB5068861 & KB5068865 cumulative updates released

Microsoft has released cumulative updates KB5068861 and KB5068865 for Windows 11 versions 25H2, 24H2, and 23H2, addressing critical security vulnerabilities, bugs, and introducing new features. The updates are mandatory and include the November 2025 Patch Tuesday security patches. Users can install the updates via Start > Settings > Windows Update or download them from the Microsoft Update Catalog. The build number for Windows 11 25H2 will change to Build 26200.7019, and 23H2 will update to 226x1.6050. New features include: - A revamped Start menu UI allowing removal of the Recommended feed. - Updated lock screen battery icons with color indicators and battery percentage. - A dedicated Microsoft 365 Copilot page for commercial devices. - Rebranding of the “Email & accounts” section to “Your accounts.” - Refreshed taskbar battery icons with clearer visual cues. - New Administrator Protection Preview feature for safeguarding admin rights. - API support for NIST post-quantum cryptography algorithms. Fixed issues include: - Taskbar app icon hover behavior. - Display issues in apps and browsers. - Context menu behavior in File Explorer. - Pen and handwriting input responsiveness. - Narrator launch issues during Windows setup. - Performance improvements in taskbar loading after sleep. This update is the final release for Windows 11 23H2, as support for this version ends today, and no optional updates will be released in December.

Winsage

October 18, 2025

Announcing Windows 11 Insider Preview Build 26220.6972 (Dev Channel)

Windows 11 Insider Preview Build 26220.6972 (KB5067106) has been released to the Dev Channel, introducing new features, improvements, and fixes. Users can now add and manage mobile devices from their PC under the "Mobile Devices" section in Bluetooth & Devices. A new entry point in the Start menu allows direct access to the benefits page for Microsoft accounts. The build includes updated Game Pass references in Settings, improvements to File Explorer's dark mode, and the ability to enable or disable the Drag Tray feature in Settings. Fixes include resolving a catastrophic error in File Explorer when extracting large files, correcting display issues with videos and games, and fixing update installation errors. Other fixes addressed issues with Outlook, Remote Credential Guard, and print preview in Chromium-based browsers. Known issues include problems with text actions in Click to Do and Recall, disabled taskbar preview animations, and issues with the Start menu and notification center. Users may also experience bugs with Xbox Controller connectivity via Bluetooth. Insiders in the Dev Channel receive updates based on Windows 11, version 25H2, and features are rolled out gradually with feedback monitoring.

Winsage

October 13, 2025

The importance of upgrading to the latest Windows operating system …

Windows 10 was released in July 2015 and is now at its end of life, with no further updates. Windows 11 was introduced in October 2021, offering enhanced security features and requiring specific hardware specifications such as TPM 2.0 and Secure Boot. Extended support for Windows 10 will continue until October 2026 for consumers using Microsoft's cloud for backups, while corporate devices require an Extended Security Updates subscription for updates. The National Cyber Security Centre (NCSC) has warned of security risks associated with outdated operating systems, citing past vulnerabilities and attacks. A report by Forrester highlights the security improvements in Windows 11, including Smart App Control and improved administrator protections. Recent analysis shows a 33% decrease in Windows 10 devices, with projections indicating approximately 121 million PCs will remain operational by the end of support on October 14. Microsoft aims to transition features to user space to enhance security, but challenges exist for older hardware. Windows 11 includes a secure-by-default configuration and integrates AI capabilities, with Gartner predicting significant growth in AI PCs by 2025. ARM-based PCs are gaining interest for their battery life, though compatibility issues persist. Microsoft is collaborating with Qualcomm to develop ARM-based Copilot+ PCs, which may provide a viable alternative to traditional x86 hardware.

Winsage

July 17, 2025

Windows Server 2025 Golden dMSA Attack Enables Authentication Bypass and Password Generation

A design flaw in Microsoft’s Windows Server 2025, known as “Golden dMSA,” allows attackers to bypass authentication and generate passwords for all managed service accounts across enterprise networks. This vulnerability exploits a weakness in delegated Managed Service Accounts (dMSAs), reducing cryptographic protections to a brute-force attack requiring only 1,024 attempts. Discovered by Semperis Security Researcher Adi Malyanker, the attack involves extracting cryptographic material from the Key Distribution Services (KDS) root key, enumerating dMSA accounts, guessing ManagedPasswordId attributes, and generating passwords. The KDS root keys do not expire, potentially granting indefinite access. The vulnerability is classified as moderate risk, requiring possession of a KDS root key, accessible only to privileged accounts. Detection of the attack is challenging, as no security events are logged by default when KDS root keys are compromised. Microsoft acknowledged the vulnerability on May 27, 2025, and stated that the features were not intended to protect against domain controller compromises.

Winsage

June 20, 2025

Old apps and third-party providers blocked: Major Microsoft 365 security impact

Microsoft is implementing default blocks on legacy protocols and third-party applications for Microsoft 365 to enhance security. This includes deactivating the RPS protocol for SharePoint and OneDrive, as well as blocking the FPRPC protocol. Administrators will now need to give explicit approval for third-party applications to access files and pages, limiting user consent. These changes will begin in mid-July 2025 and are expected to be completed by August. Additionally, new security settings for Windows 365 will disable clipboard, storage, USB device, and printer linking by default on newly set up cloud PCs, with VBS, Credential Guard, and HVCI activated by default for those using a Windows 11 Gallery image. These updates for Windows 365 are planned for the latter half of 2025.

Winsage

June 20, 2025

Microsoft boosts default security of Windows 365 Cloud PCs

Microsoft is enhancing its Windows 365 Cloud PCs with new security features starting in May 2025. All newly provisioned and reprovisioned Cloud PCs using a Windows 11 gallery image will have Virtualization-Based Security (VBS), Credential Guard, and Hypervisor-Protected Code Integrity (HVCI) enabled by default. VBS creates a secure environment to protect system processes, Credential Guard secures authentication credentials, and HVCI ensures only verified code runs at the kernel level. Additionally, beginning in the latter half of 2025, clipboard, drive, USB, and printer redirections will be disabled by default on newly provisioned and reprovisioned Cloud PCs to mitigate security risks, although IT administrators can re-enable these features if needed.

Winsage

June 11, 2025

Microsoft fixes unreachable Windows Server domain controllers

Microsoft addressed a significant issue with Windows Server 2025 domain controllers that made some servers unreachable after a restart, affecting applications and services reliant on them. The problem was due to servers loading the standard firewall profile instead of the intended domain firewall profile after a reboot, leading to improper network traffic management. This misconfiguration caused accessibility challenges for services and applications on affected servers. Microsoft released the KB5060842 security update to resolve this issue during the June 2025 Patch Tuesday. A temporary workaround involves manually restarting the network adapter on affected servers using the Restart-NetAdapter * PowerShell command, which must be done after each reboot until the update is installed. Additionally, Microsoft fixed another issue preventing some users from logging into accounts via Windows Hello after the installation of the KB5055523 April 2025 security update.

Winsage

June 11, 2025

Microsoft fixes Windows Server auth issues caused by April updates

Microsoft has resolved an authentication issue that arose after the April 2025 security updates on Windows Server domain controllers, primarily affecting Windows Server 2016, 2019, 2022, and 2025. The problem, acknowledged in early May, involved difficulties with Kerberos logons or delegations reliant on certificate-based credentials due to the April monthly security update (KB5055523). This issue could lead to authentication failures in environments using Windows Hello for Business Key Trust or Device Public Key Authentication, impacting various software solutions. Microsoft released cumulative updates to fix these issues and recommended installing the latest security updates. For those still facing problems, a temporary registry adjustment was advised. The authentication issues were linked to security enhancements addressing a high-severity vulnerability (CVE-2025-26647) that could allow privilege escalation through an input validation flaw in Windows Kerberos. Microsoft had previously addressed related authentication issues in April and issued emergency updates in November 2022 for Kerberos sign-in failures affecting Windows domain controllers.

Winsage

May 7, 2025

Microsoft: April updates cause Windows Server auth issues

Microsoft has acknowledged that the April 2025 security updates are causing authentication challenges for certain Windows Server domain controllers, specifically affecting Windows Server versions 2016, 2019, 2022, and 2025. The issues arise after installing the April Windows monthly security update (KB5055523 or later), leading to complications in processing Kerberos logons or delegations that rely on certificate-based credentials. Affected authentication protocols include Kerberos PKINIT, S4U via RBKCD, and KCD. These issues are linked to security measures addressing the critical vulnerability CVE-2025-26647, which allows authenticated attackers to escalate privileges remotely. A temporary workaround involves modifying a registry value. Microsoft has previously addressed similar authentication issues in Windows 11, Windows Server 2025, and earlier versions.